Mozila warns on password reuse

With Firefox 76, Mozilla’s browser tells you when you’re reusing passwords that could have already been compromised.

Mozilla has beefed up Firefox Lockwise, its password management tool, to tell you when you’re making a more bonehead mistake than usual by reusing your passwords. Firefox already warned if a site you’re logging into has suffered a data breach. But in Firefox 76, released Tuesday, the browser now also tells you when you’re using that site’s password on another website and prompts you to change it.

Reusing passwords is convenient for trying to remember them, but it’s dangerously insecure. Once hackers discover passwords through data breaches, they often try those passwords all over the net with a type of attack called credential stuffing. Two-factor authentication eases the problem, though.

Lockwise will also generate and autofill new passwords more smoothly, Mozilla said. That better matches the standard abilities of password managers like LastPass, 1Password and BitWarden.

If you’re not using a password manager, now is a good time to think about making the move. Password managers can be a big help if you’re struggling to use unique, hard-to-guess passwords for dozens or hundreds of online services. Although many people use third-party password managers, browsers and built-in tools like Apple’s iCloud Keychain are getting more sophisticated.

Services tied to one company’s products aren’t as useful if you stray from the fold, though. Chrome’s password sync helps you on Android but not Firefox, and Apple’s service doesn’t work on Windows or Android.

For people who haven’t set up a master password in Firefox to protect their passwords, Firefox 76 also will require you to type in your system password before seeing details. That’ll make it harder for roommates or coworkers to snoop.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s